From 348188229acdbb7297e021d8f6371200b77ed0df Mon Sep 17 00:00:00 2001 From: John Durkop Date: Mon, 12 Oct 2020 21:36:22 -0700 Subject: [PATCH] Correct inclusion of MBEDTLS_XXX based on PSA_WANT_XXX Provied a more detailed description for the config_psa.h header file. This new description makes it clear that the file should not be edited by users or integrators. Relevant changes should be made to psa/crypto_config.h instead. Fixed the logic for the inclusion of MBEDTLS_PSA_BUILTIN_XXX to be set when PSA_WANT_ALG_XXX and MBEDTLS_PSA_ACCEL_ALG_XXX is not defined, otherwise the MBEDTLS_XXX should be set. Ensure that MBEDTLS_PSA_BUILTIN_XXX is set to 1 and not simply defined per specification. Signed-off-by: John Durkop --- include/mbedtls/config_psa.h | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/include/mbedtls/config_psa.h b/include/mbedtls/config_psa.h index 8e76372eb0..02bdfb1b0c 100644 --- a/include/mbedtls/config_psa.h +++ b/include/mbedtls/config_psa.h @@ -2,9 +2,13 @@ * \file mbedtls/config_psa.h * \brief PSA crypto configuration options (set of defines) * - * This set of compile-time options may be used to enable - * or disable PSA crypto features selectively. This will aid - * in reducing the size of the library by removing unused code. + * This set of compile-time options takes settings defined in + * include/mbedtls/config.h and include/psa/crypto_config.h and uses + * those definitions to define symbols used in the library code. + * + * Users and integrators should not edit this file, please edit + * include/mbedtls/config.h for MBETLS_XXX settings or + * include/psa/crypto_config.h for PSA_WANT_XXX settings. */ /* * Copyright The Mbed TLS Contributors @@ -38,19 +42,17 @@ extern "C" { #if defined(PSA_WANT_ALG_ECDSA) #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) -#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA -#else /* !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) */ +#define MBEDTLS_PSA_BUILTIN_ALG_ECDSA 1 #define MBEDTLS_ECDSA_C -#endif /* !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA) */ -#endif /* defined(PSA_WANT_ALG_ECDSA) */ +#endif /* !MBEDTLS_PSA_ACCEL_ALG_ECDSA */ +#endif /* PSA_WANT_ALG_ECDSA */ #if defined(PSA_WANT_ALG_ECDSA_DETERMINISTIC) #if !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA_DETERMINISTIC) -#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA -#else /* && !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA_DETERMINISTIC) */ +#define MBEDTLS_PSA_BUILTIN_ALG_DETERMINISTIC_ECDSA 1 #define MBEDTLS_ECDSA_DETERMINISTIC -#endif /* !defined(MBEDTLS_PSA_ACCEL_ALG_ECDSA_DETERMINISTIC) */ -#endif /* defined(PSA_WANT_ALG_DETERMINISTIC_ECDSA) */ +#endif /* MBEDTLS_PSA_ACCEL_ALG_ECDSA_DETERMINISTIC */ +#endif /* PSA_WANT_ALG_DETERMINISTIC_ECDSA */ #else /* MBEDTLS_PSA_CRYPTO_CONFIG */ @@ -58,11 +60,11 @@ extern "C" { * Ensure PSA_WANT_* defines are setup properly if MBEDTLS_PSA_CRYPTO_CONFIG * is not defined */ -#ifdef MBEDTLS_ECDSA_C +#if defined(MBEDTLS_ECDSA_C) #define PSA_WANT_ALG_ECDSA #endif /* MBEDTLS_ECDSA_C */ -#ifdef MBEDTLS_ECDSA_DETERMINISTIC +#if defined(MBEDTLS_ECDSA_DETERMINISTIC) #define PSA_WANT_ALG_ECDSA_DETERMINISTIC #endif /* MBEDTLS_ECDSA_DETERMINISTIC */